When Apple shipped macOS Big Sur in November, researchers quickly spotted a strange anomaly in the system’s security protection that could have left Macs insecure. Apple now seems to be dealing with this problem, introducing a fix in the latest public beta release.
What was wrong?
For some strange reason, Big Sur introduced a controversial and potentially insecure change that meant Apple’s own apps could still access the internet even when a user blocked all access from that Mac using a firewall. This wasn’t in tune with Apple’s traditional security stance. What made this worse is that when those apps (and there were 56 in all) did access the ‘Net, user and network traffic monitoring applications were unable to monitor this use.
It meant Apple apps could access the Internet to gain Gatekeeper privileges while other applications could not, posing a potential security challenge, as they were included on the ContentFilterExclusionList.
It was subsequently shown that this protection could be subverted to give apps — including malware — similar special powers. Rogue applications could be running in the background, bypassing Getekeeper protection, even when the user believed their Mac was protected by a Firewall.
This exploit wasn’t especially trivial, and it comprised a security threat.
If you are running the current public version of Big Sur, you can see the list for yourself at /System/Library/Frameworks/NetworkExtension.framework/Versions/Current/Resources/Info.plist file, just look for “ContentFilterExclusionList.”
What has changed?
Apple has fixed this problem in its latest public beta, as noted by Patrick Wardle. The company has removed the ContentFilterExclusionList from macOS 11.2 Big Sur beta 2, which means firewalls and activity filters can now monitor the behavior of Apple’s apps, and also makes for a reduction in the potential attack vulnerability.
We know why Apple attempted this. When the company removed support for kernel extensions (kexts) from Macs, it also built a new architecture to support extensions that relied on kexts.
However, it also chose to make its own apps exempt from these frameworks, which is why software that relied on the new extensions architecture couldn’t spot or block the traffic they generated.
Why might it make sense?
I can imagine some reasons it might make sense for some Apple applications to be enabled to run in some kind of super-secret mode. Specifically, I’m thinking about FindMy and how useful that might be if left to run surreptitiously on a lost or stolen Mac. But even in that instance, it seems more appropriate (and far more in tune with Apple’s growing stance on privacy and user control) to give users control of that interaction, perhaps with something like a “run secretly in the background and resist firewalls” button.
In the future, as Apple moves toward mesh-based coverage, particularly for Find My, the challenge engineers will need to solve is how to enable traffic — finding other Apple devices or sharing information about their location, for example — to safely and securely be maintained as a discrete background process without generating additional user friction (security messages) and maintaining privacy and security across the chain.
I’ve a feeling this may have been an attempt in that direction, but the fact it could be subverted to penetrate Mac security is unsustainable. I’m sure Apple will be seeking better solutions to such conundra.
When will Big Sur be updated?
The current edition of Big Sur hasn’t yet deployed this fix, but the fact that it is now available within the latest public beta suggests it will ship more widely in the next couple of weeks.
When it arrives, it also introduces another useful layer of protection for M1 Macs, which will no longer be able to side load potentially unapproved iOS apps as the capacity to bypass the firewall will have been removed.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill group on MeWe.
Copyright © 2021 Softwaretoolapps, Inc.
My relatives always say that I am wasting my time here at net, however I know I am getting know-how everyday by reading
thes pleasant posts. asmr 0mniartist
Now I am going to do my breakfast, afterward having my breakfast coming over again to
read additional news. asmr 0mniartist
I’m not that much of a online reader to be honest but your
blogs really nice, keep it up! I’ll go ahead and bookmark your website
to come back in the future. Cheers 0mniartist asmr
It’s hard to come by educated people for this subject,
but you seem like you know what you’re talking about!
Thanks 0mniartist asmr
Its such as you learn my mind! You appear to know a
lot about this, such as you wrote the ebook in it or something.
I think that you could do with some p.c. to force the message home a bit,
but instead of that, that is great blog. A great read.
I’ll definitely be back. asmr 0mniartist
This is very attention-grabbing, You are a very skilled blogger.
I have joined your feed and look forward to searching for extra of your excellent post.
Additionally, I’ve shared your site in my social networks
With havin so much content and articles do you ever run into any problems of plagorism
or copyright infringement? My site has a lot of completely unique content I’ve
either created myself or outsourced but it seems a lot of it is
popping it up all over the internet without my agreement.
Do you know any solutions to help protect against content from being stolen? I’d definitely appreciate it.
This is my first time pay a quick visit at here and i am
actually happy to read all at alone place.
Magnificent beat ! I would like to apprentice even as
you amend your website, how can i subscribe for a blog site?
The account aided me a appropriate deal. I have been a little bit familiar of this your broadcast provided vivid transparent concept
Wow, amazing blog layout! How lengthy have you ever been running
a blog for? you made blogging glance easy. The total look of your site is great, as neatly as the content!
Simply desire to say your article is as amazing.
The clearness in your post is just spectacular and i could think you are knowledgeable on this
subject. Fine with your permission let me to seize your feed to keep
up to date with drawing close post. Thank you one million and please keep up the
rewarding work.
WOW just what I was searching for. Came here by searching for asmr
Hi there, all is going well here and ofcourse every one is sharing data, that’s actually excellent, keep up
writing.
When I originally commented I seem to have clicked the -Notify me when new comments are added- checkbox and now whenever a comment is added I get four emails with the exact same
comment. There has to be a way you can remove me from that
service? Many thanks!
scoliosis
I’m truly enjoying the design and layout of your site. It’s a very easy
on the eyes which makes it much more enjoyable for me to come here and
visit more often. Did you hire out a developer to create your theme?
Great work! scoliosis
scoliosis
Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point.
You clearly know what youre talking about, why waste
your intelligence on just posting videos to your weblog when you could be giving us something enlightening to read?
scoliosis
scoliosis
I think this is among the most significant information for me.
And i am glad reading your article. But want to remark on few
general things, The website style is perfect, the articles is really great : D.
Good job, cheers scoliosis
free dating sites
Hey there, I think your site might be having browser compatibility issues.
When I look at your website in Opera, it looks fine but
when opening in Internet Explorer, it has some overlapping.
I just wanted to give you a quick heads up! Other then that,
amazing blog! https://785days.tumblr.com/ dating sites
free dating sites
Have you ever thought about including a little
bit more than just your articles? I mean, what you say is important and all.
However just imagine if you added some great images or videos to give your
posts more, “pop”! Your content is excellent but with images and video
clips, this blog could certainly be one of the best in its niche.
Great blog! free dating sites
It’s going to be finish of mine day, but before finish I am reading this great paragraph to improve my knowledge.
I could not refrain from commenting. Exceptionally well written!
Fine way of telling, and nice article to get facts about my presentation focus,
which i am going to convey in college.
Way cool! Some very valid points! I appreciate you writing this article and the rest of the website is also
very good.
I am sure this article has touched all the internet visitors, its really really good article on building up new blog.
You really make it seem so easy with your presentation but
I find this topic to be actually something which I think I
would never understand. It seems too complex and very
broad for me. I’m looking forward for your next post, I will try to get the hang of it!
Fantastic goods from you, man. I’ve understand your stuff previous
to and you are just too excellent. I actually like what you have acquired here, certainly like what you are saying and
the way in which you say it. You make it enjoyable and you still
take care of to keep it sensible. I can’t wait to read far more from you.
This is really a wonderful web site.
Wow that was odd. I just wrote an really long comment but after I clicked submit my
comment didn’t appear. Grrrr… well I’m not writing
all that over again. Anyhow, just wanted to say fantastic blog!
When some one searches for his necessary thing, therefore he/she needs to be available that in detail,
therefore that thing is maintained over here.
123334 503619Aw, this is an incredibly good post. In thought I would like to put in place writing like this moreover – spending time and actual effort to create a good article but exactly what do I say I procrastinate alot through no indicates seem to get something accomplished. 936048
I have not checked in here for some time as I thought it was getting boring, but the last several posts are great quality so I guess I will add you back to my daily bloglist. You deserve it my friend 🙂
Real superb visual appeal on this internet site, I’d value it 10 10.
I’m not certain where you are getting your information, however good topic.
I needs to spend a while finding out more or understanding more.
Thank you for fantastic information I was in search of this information for my mission.
Very good website you have here but I was wondering if you knew of any community forums that cover the same
topics talked about in this article? I’d really like to be a part of online
community where I can get suggestions from other experienced individuals that share the same interest.
If you have any suggestions, please let me know.
Thanks a lot!
Heya i am for the primary time here. I came across this
board and I find It really useful & it helped me out a lot.
I hope to offer something back and help others such as you helped me.
You are my aspiration, I possess few web logs and very sporadically run out from to post .
Hi there, its fastidious paragraph on the topic of media print, we all know media is a great source of data.
Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point.
You clearly know what youre talking about, why waste your intelligence on just posting videos to your weblog
when you could be giving us something enlightening to read?
Thanks for the auspicious writeup. It in reality was a
enjoyment account it. Glance advanced to far delivered agreeable from you!
By the way, how can we keep in touch?
Very nice post. I just stumbled upon your blog and wanted to say that
I have really enjoyed browsing your blog posts. After all I will be subscribing
to your feed and I hope you write again soon!
Good day! Do you know if they make any plugins to protect against hackers?
I’m kinda paranoid about losing everything I’ve
worked hard on. Any tips?
A person essentially help to make severely articles I’d state.
This is the very first time I frequented your web page and thus far?
I amazed with the analysis you made to make this
actual post incredible. Wonderful task!
I was recommended this blog by my cousin. I’m not sure whether this
post is written by him as no one else know such detailed about my trouble.
You’re amazing! Thanks!
I’m gone to tell my little brother, that he should
also pay a quick visit this website on regular basis to obtain updated from newest
gossip.
Greetings! Very useful advice in this particular post!
It’s the little changes which will make the biggest changes.
Many thanks for sharing!
As the admin of this website is working, no question very quickly
it will be well-known, due to its feature contents.
Heya just wanted to give you a brief heads up and let you know a few of the pictures aren’t loading properly.
I’m not sure why but I think its a linking issue.
I’ve tried it in two different browsers and both
show the same results. asmr https://app.gumroad.com/asmr2021/p/best-asmr-online asmr
Nice blog here! Also your web site loads up fast!
What web host are you using? Can I get your affiliate link to your host?
I wish my web site loaded up as quickly as yours lol quest bars http://bit.ly/3C2tkMR quest bars
Attractive part of content. I just stumbled upon your blog
and in accession capital to say that I acquire in fact enjoyed account your weblog posts.
Anyway I will be subscribing in your augment or
even I achievement you access consistently rapidly.
cheap flights http://1704milesapart.tumblr.com/ cheap flights
I?¦ve been exploring for a bit for any high quality articles or blog posts in this sort of area . Exploring in Yahoo I eventually stumbled upon this site. Studying this information So i?¦m happy to express that I have an incredibly good uncanny feeling I found out just what I needed. I such a lot no doubt will make sure to do not forget this web site and give it a look regularly.
The following time I read a blog, I hope that it doesnt disappoint me as a lot as this one. I mean, I do know it was my option to read, however I really thought youd have one thing attention-grabbing to say. All I hear is a bunch of whining about one thing that you could possibly fix if you happen to werent too busy in search of attention.
What i do not understood is in truth how you are no
longer actually much more well-liked than you may be
right now. You’re so intelligent. You recognize thus significantly in relation to
this topic, produced me in my view believe it from so many numerous angles.
Its like men and women don’t seem to be fascinated unless it is one thing
to accomplish with Girl gaga! Your individual stuffs outstanding.
All the time maintain it up! scoliosis surgery https://0401mm.tumblr.com/ scoliosis surgery
Hey There. I discovered your blog the use of msn. That is a really
well written article. I’ll be sure to bookmark it and return to
learn extra of your helpful info. Thank you for the post.
I’ll definitely comeback. scoliosis surgery https://coub.com/stories/962966-scoliosis-surgery scoliosis surgery
Thanks for sharing your thoughts about for. Regards quest bars https://www.iherb.com/search?kw=quest%20bars quest bars
I conceive this website holds very good pent content articles.
40368 202938If you are needing to produce alteration in an individuals llife, during i would say the Are generally Bodyweight peeling off pounds training course are a wide path in the direction of gaining any search. la weight loss 135746
Fantastic web site. Lots of helpful info here.
I’m sending it to a few pals ans also sharing in delicious.
And obviously, thank you in your sweat! https://parttimejobshiredin30minutes.wildapricot.org/ part time jobs hired in 30 minutes
My programmer is trying to convince me to move
to .net from PHP. I have always disliked the idea because
of the expenses. But he’s tryiong none the less.
I’ve been using WordPress on a number of websites for about
a year and am worried about switching to another platform.
I have heard fantastic things about blogengine.net.
Is there a way I can transfer all my wordpress content into it?
Any kind of help would be greatly appreciated!
Wonderful beat ! I would like to apprentice while you amend your website, how could i subscribe for a blog website?
The account aided me a acceptable deal. I had been a little bit acquainted
of this your broadcast provided bright clear concept
I am really grateful to the owner of this web site who has shared this fantastic paragraph at here.
I like reading a post that can make men and women think.
Also, many thanks for permitting me to comment!
I am continually invstigating online for ideas that can help me. Thanks!
471840 894899youve gotten an important weblog appropriate here! would you wish to make some invite posts on my weblog? 11336
I?¦ll immediately seize your rss as I can’t in finding your e-mail subscription hyperlink or e-newsletter service. Do you have any? Kindly permit me realize in order that I could subscribe. Thanks.
138548 743095Youre so cool! I dont suppose Ive read anything like this before. So good to search out any individual with some original thoughts on this subject. realy thank you for starting this up. this web site is one thing thats wanted on the internet, somebody with a bit of originality. valuable job for bringing something new towards the internet! 310410
957417 588469Hey! Do you know if they make any plugins to protect against hackers? Im kinda paranoid about losing everything Ive worked hard on. Any recommendations? 962320
972155 983955Spot lets start work on this write-up, I in fact believe this amazing internet site requirements additional consideration. Ill more likely be once once again you just read additional, thank you that details. 819050
378241 664606Attractive part of content material. I just stumbled upon your website and in accession capital to claim that I acquire in fact enjoyed account your weblog posts. Any way Ill be subscribing to your feeds and even I achievement you get entry to constantly quickly. 262138
buying prescription drugs in mexico: mexican drugstore online – mexico pharmacies prescription drugs